Vulnerability in Apereo Opencast
CVE-2017-1000221
In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that users only need to match part of the user name used for…
EPSS: 0.008 (50.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Apereo Opencast
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Exploit, Issue Tracking, Vendor Advisory)
Frequently asked questions
- What is CVE-2017-1000221?
- CVE-2017-1000221 is a medium-severity vulnerability in Apereo Opencast, classified under Incorrect Permission Assignment for Critical Resource. CVSS score: 6.5/10. Published 2017-11-17.
- How severe is CVE-2017-1000221?
- Medium severity. CVSS v3 base score is 6.5 out of 10.